Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
The operating system my web server runs on is (include version): Centos8 Stream
My hosting provider, if applicable, is: N/A
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.10.1
So for some reason, certbot created a cert for my main site at www.butlercg.com and it works perfectly.... but when I created a cert for the secondary site www.ldhdispatch.com it is failing a browser test.... Invalid Cert. I have verified the key paths....everything looks good so I'm not sure where to start troubleshooting this problem.
snippit from httpd -S - I do not see a reference to ldhdispatch in the vhost fiel
:80 is a NameVirtualHost
default server butlercg.com (/etc/httpd/conf.d/butlercg.conf:6)
port 80 namevhost butlercg.com (/etc/httpd/conf.d/butlercg.conf:6)
alias www.butlercg.com
port 80 namevhost ldhdispatch.com (/etc/httpd/conf.d/ldhdispatch.conf:6)
alias www.ldhdispatch.com
*:443 is a NameVirtualHost
default server butlercg.com (/etc/httpd/conf.d/butlercg-le-ssl.conf:2)
port 443 namevhost butlercg.com (/etc/httpd/conf.d/butlercg-le-ssl.conf:2)
alias www.butlercg.com
port 443 namevhost www.butlercg.com (/etc/httpd/conf.d/ssl.conf:40)
ServerRoot: "/etc/httpd"
Considering that www.ldhdispatch.com has a private IP address, I can't really check it.
Are you running your own nameservers?
Are you running a load balancer of some kind?
www.ldhdispatch.com. 21599 IN CNAME www2.ldhdispatch.com.
www2.ldhdispatch.com. 21599 IN A 192.168.1.55
ldhdispatch.com. 21599 IN A 192.168.1.55
ldhdispatch.com. 21599 IN A 192.168.1.56
ldhdispatch.com. 21430 IN SOA www.ldhdispatch.com. jbutler.butlercg.com. 20210103 3600 1800 604800 86400
ldhdispatch.com. 21430 IN NS ns2.butlercg.com.
ldhdispatch.com. 21430 IN NS ns1.butlercg.com.
ldhdispatch.com. 21430 IN A 192.168.1.56
ldhdispatch.com. 21430 IN A 192.168.1.55
ldhdispatch.com. 21430 IN MX 10 mail.ldhdispatch.com.
butlercg.com. 21599 IN SOA ns1.butlercg.com. jbutler.butlercg.com. 20210107 3600 1800 604800 86400
butlercg.com. 21599 IN NS ns1.butlercg.com.
butlercg.com. 21599 IN NS ns2.butlercg.com.
butlercg.com. 21599 IN A 192.168.1.56
butlercg.com. 21599 IN A 192.168.1.55
butlercg.com. 21599 IN A 71.227.71.168
I fixed those - I was trying to route to specific internal machines. Now that's I've corrected the dns and let the Vhost files do their jobs it seems to be working fine. Page loaded with no cert errors. Thanks for the help..